Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2016.2337 Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability 6 October 2016 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Cisco Nexus 7000 and 7700 Series Switches Publisher: Cisco Systems Operating System: Cisco Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2016-1453 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Nexus 7000 and 7700 Series Switches Overlay Transport Virtualization Buffer Overflow Vulnerability Advisory ID: cisco-sa-20161005-otv Revision 1.0 For Public Release 2016 October 5 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= A vulnerability in the Overlay Transport Virtualization (OTV) Generic Router Encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an unauthenticated, adjacent attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to incomplete input validation performed on the size of OTV packet header parameters, which can result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted OTV UDP packet to the OTV interface on an affected device. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the OTV related process on the affected device. Cisco has released software updates that address this vulnerability. A workaround to mitigate this vulnerability is available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-otv - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (SunOS) iQIVAwUBV/Jmd689gD3EAJB5AQJKfxAAgQHHRNd10fAZT/Nv9Nd3OarYWZjt9QnE c3Q5KPGZ8yBsoBDp9vGNq3Zu1XRLz9TZJk/2hqs3AOGLsONeyJ+wcce01/zYwdxv wjgXc/qs/fT4uDFSjguCq4alBDJoxA+MCDH9ZYJ1XdykCVoZprcJQFbiRuSkKJJB 0pS1RsmiJ1KXbOpG7oCU/7ptb6gVAMVieTZW530Feu/WXssLA4I8wprNfhdMzW5Q 15KqH+pOZSr831rjBQahnudBB1u5smw/fWWgtRZxo6x3OSbS2drqGaRbNg6qPtl7 m8zdl2Rd++FYEwKm61Xwm7t8x2m2Yh/aHRRGL5bTcit1xFETiadL73hiD2wFoYdR XEIFnYn+7tkIOhq2cS89O+00CYipFTwBBsMpibURVP56nY3xUaiv4AL72bxed0ys afJ1ZctMSLOQRrcjbmzRWFyCjZEjg03SrPOCsCmQRRkl0MPeGCJ/e7gkhE7aYN+B E1dsASbbLHyH0zwkOGMxoDiPHf1UPiSpXN9JpdAZlk6iF5sD4POXhmAtYgyyQIDt 6mZn6hW7HH38hTErrze1rN1IIQiO/qDjowkQuSi5G3SsT3uAGn4Rtz6oZTHzLuYq LT/vX3BK/0WbKII0Zz/Vw4QY1vhx32rgdGzez0H/OKMKMICsi8IvuqXGeOZZC++B CoZE5dSl+VI= =P29o - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIUAwUBV/WtE4x+lLeg9Ub1AQhyUA/3TFzPxbbDJ2kL8EW9cxewJhspTFMqIHkc APs2yxuBt+MqUsEKFJwAgTSR66IgTLvtkR/0Eggq4gCm2lfi+csiM2l6f4DBnoRJ 4lsgJMXR16jgjNQgevUFcz7Ah3ONXcLksv98/QQmSdlbEiNP20Mf8hUFlLNPme+9 X2+ZHlo8uXi27noHkq1ihMVZT1XYTN9zP+gbotw+pkIccxQ68oBJj9vl0m8cvSfy IDNYTbfLwG4ECbSL/j12WBYamrDeeEizr/nsHKRab+e10lxR8/RH3TmqYNnhVqqZ Y88DxOjjLE3+mgKx/TunbDvHF/X7aF/0tO/OIeZojYLqayIJCkHoEvJwBpR9LtiI 5fwBSMUjfw5Or//xMHzHzIMH87nazd3l70uBRN+OkS/8LFh63O5n8ASNLrX5IZng 9eJsk+Nv7B2JRHWChBcfSHT2I9b5K1GFigfv62pjpYTNPI3jZ9uYPVAbEvI4GYVk L4Gea2BDoTGKIs1KbXeIt3VNIS/dzCCn2FmNzYvcqWX/1z36kxI0eFXzZZndhyMd MzIpO0PWCY92547lBfQISg9J5FZH+DMlvRQnCP3OvlRAO9wWbw8u+8c4h4WEbcFF uqFZs8e8jMldnDRWc0Fk5Zo6b/sE2KwfH4gwlU8lfYpj+bOlEFPYS1zGZzRvGYgC R/7HeUQbIw== =eqqM -----END PGP SIGNATURE-----